fix: Fixed the fault in determining the firewall port forwarding version (#7141)

Author: ssongliu

backend/app/service/firewall.go

@@ -10,7 +10,6 @@ import (
 
 	"github.com/1Panel-dev/1Panel/backend/app/dto"
 	"github.com/1Panel-dev/1Panel/backend/app/model"
-	"github.com/1Panel-dev/1Panel/backend/buserr"
 	"github.com/1Panel-dev/1Panel/backend/constant"
 	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/1Panel-dev/1Panel/backend/utils/cmd"
@@ -87,11 +86,6 @@ func (u *FirewallService) SearchWithPage(req dto.RuleSearch) (int64, interface{}
 	case "port":
 		rules, err = client.ListPort()
 	case "forward":
-		isSupport, errSup := checkIsSupport()
-		if !isSupport {
-			return 0, nil, errSup
-		}
-
 		rules, err = client.ListForward()
 	case "address":
 		rules, err = client.ListAddress()
@@ -312,11 +306,6 @@ func (u *FirewallService) OperatePortRule(req dto.PortRuleOperate, reload bool)
 }
 
 func (u *FirewallService) OperateForwardRule(req dto.ForwardRuleOperate) error {
-	isSupport, errSup := checkIsSupport()
-	if !isSupport {
-		return errSup
-	}
-
 	client, err := firewall.NewFirewallClient()
 	if err != nil {
 		return err
@@ -737,14 +726,3 @@ func checkPortUsed(ports, proto string, apps []portOfApp) string {
 	}
 	return ""
 }
-
-func checkIsSupport() (bool, error) {
-	std, err := cmd.Exec("iptables --version")
-	if err != nil {
-		return false, fmt.Errorf("handle iptables --version failed, stdout: %s, err: %v", std, err)
-	}
-	if strings.Contains(std, "nf_tables") {
-		return false, buserr.New(constant.ErrNFTables)
-	}
-	return true, nil
-}

backend/constant/errs.go

@@ -148,7 +148,6 @@ var (
 var (
 	ErrFirewallNone = "ErrFirewallNone"
 	ErrFirewallBoth = "ErrFirewallBoth"
-	ErrNFTables     = "ErrNFTables"
 )
 
 // cronjob

backend/i18n/lang/en.yaml

@@ -169,7 +169,6 @@ ErrUserFindErr: "Failed to find user {{ .name }} {{ .err }}"
 #ssh
 ErrFirewallNone: "No firewalld or ufw service detected on the system. Please check and try again!"
 ErrFirewallBoth: "Both firewalld and ufw services are detected on the system. To avoid conflicts, please uninstall one and try again!"
-ErrNFTables: "Port forwarding functionality relies on the iptables service and is currently not compatible with nftables operations!"
 
 #cronjob
 ErrBashExecute: "Script execution error, please check the specific information in the task output text area."

backend/i18n/lang/zh-Hant.yaml

@@ -169,7 +169,6 @@ ErrUserFindErr: "用戶 {{ .name }} 查找失敗 {{ .err }}"
 #ssh
 ErrFirewallNone: "未檢測到系統 firewalld 或 ufw 服務，請檢查後重試！"
 ErrFirewallBoth: "檢測到系統同時存在 firewalld 或 ufw 服務，為避免衝突，請卸載後重試！"
-ErrNFTables: "端口轉發功能依賴於 iptables 服務，暫不兼容 nftables 操作！"
 
 #cronjob
 ErrBashExecute: "腳本執行錯誤，請在任務輸出文本域中查看具體信息。"

backend/i18n/lang/zh.yaml

@@ -172,7 +172,6 @@ ErrUserFindErr: "用户 {{ .name }} 查找失败 {{ .err }}"
 #ssh
 ErrFirewallNone: "未检测到系统 firewalld 或 ufw 服务，请检查后重试！"
 ErrFirewallBoth: "检测到系统同时存在 firewalld 或 ufw 服务，为避免冲突，请卸载后重试！"
-ErrNFTables: "端口转发功能依赖于 iptables 服务，暂不兼容 nftables 操作！"
 
 #cronjob
 ErrBashExecute: "脚本执行错误，请在任务输出文本域中查看具体信息。"

backend/utils/firewall/client/iptables.go

@@ -2,11 +2,12 @@ package client
 
 import (
 	"fmt"
+	"regexp"
+	"strings"
+
 	"github.com/1Panel-dev/1Panel/backend/app/model"
 	"github.com/1Panel-dev/1Panel/backend/global"
 	"github.com/1Panel-dev/1Panel/backend/utils/cmd"
-	"regexp"
-	"strings"
 )
 
 const NatChain = "1PANEL"
@@ -51,7 +52,7 @@ func (iptables *Iptables) Check() error {
 }
 
 func (iptables *Iptables) NatNewChain() error {
-	return iptables.runf("-N %s", NatChain)
+	return iptables.runf("-t nat -N %s", NatChain)
 }
 
 func (iptables *Iptables) NatAppendChain() error {